Issue: #62 - UDP support

Kondo Takeo
2021-02-04 00:31:40 +09:00
parent d4f3b22140
commit e024d3eb33
7 changed files with 48141 additions and 16 deletions


@@ -41,7 +41,8 @@ extern bool bughuntmode;
* key contains source ip, source port, destination ip, destination * key contains source ip, source port, destination ip, destination
* port in format: '1.2.3.4:5-1.2.3.4:5' * port in format: '1.2.3.4:5-1.2.3.4:5'
*/ */
std::map<std::string, unsigned long> conninode; std::map<std::string, unsigned long> conninode_tcp;
std::map<std::string, unsigned long> conninode_udp;
/* /*
* parses a /proc/net/tcp-line of the form: * parses a /proc/net/tcp-line of the form:
@@ -58,7 +59,8 @@ std::map<std::string, unsigned long> conninode;
*00000000 0 0 2525 2 c732eca0 201 40 1 2 -1 *00000000 0 0 2525 2 c732eca0 201 40 1 2 -1
* *
*/ */
void addtoconninode(char *buffer) { void addtoconninode(char *buffer,
std::map<std::string, unsigned long> &conninode) {
short int sa_family; short int sa_family;
struct in6_addr result_addr_local = {}; struct in6_addr result_addr_local = {};
struct in6_addr result_addr_remote = {}; struct in6_addr result_addr_remote = {};
@@ -159,7 +161,8 @@ void addtoconninode(char *buffer) {
} }
/* opens /proc/net/tcp[6] and adds its contents line by line */ /* opens /proc/net/tcp[6] and adds its contents line by line */
int addprocinfo(const char *filename) { int addprocinfo(const char *filename,
std::map<std::string, unsigned long> &conninode) {
FILE *procinfo = fopen(filename, "r"); FILE *procinfo = fopen(filename, "r");
char buffer[8192]; char buffer[8192];
@@ -171,7 +174,7 @@ int addprocinfo(const char *filename) {
do { do {
if (fgets(buffer, sizeof(buffer), procinfo)) if (fgets(buffer, sizeof(buffer), procinfo))
addtoconninode(buffer); addtoconninode(buffer, conninode);
} while (!feof(procinfo)); } while (!feof(procinfo));
fclose(procinfo); fclose(procinfo);
@@ -185,13 +188,23 @@ void refreshconninode() {
// conninode = new HashTable (256); // conninode = new HashTable (256);
#if defined(__APPLE__) || defined(__FreeBSD__) #if defined(__APPLE__) || defined(__FreeBSD__)
addprocinfo("net.inet.tcp.pcblist"); addprocinfo("net.inet.tcp.pcblist", conninode_tcp);
#else #else
if (!addprocinfo("/proc/net/tcp")) { if (!addprocinfo("/proc/net/tcp", conninode_tcp)) {
std::cout << "Error: couldn't open /proc/net/tcp\n"; std::cout << "Error: couldn't open /proc/net/tcp\n";
exit(0); exit(0);
} }
addprocinfo("/proc/net/tcp6"); addprocinfo("/proc/net/tcp6", conninode_tcp);
#endif
#if defined(__APPLE__) || defined(__FreeBSD__)
addprocinfo("net.inet.udp.pcblist", conninode_udp);
#else
if (!addprocinfo("/proc/net/udp", conninode_udp)) {
std::cout << "Error: couldn't open /proc/net/udp\n";
exit(0);
}
addprocinfo("/proc/net/udp6", conninode_udp);
#endif #endif
// if (DEBUG) // if (DEBUG)
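Review bot: The new `/proc/net/udp` branch in refreshconninode() ends the whole program with `exit(0)` and prints the error to stdout, so a monitoring wrapper sees a successful exit when the UDP table cannot be read. TCP accounting would still work in that case, so the failure is better reported on stderr and treated as non-fatal, e.g. `std::cerr << "Warning: couldn't open /proc/net/udp, UDP traffic will not be attributed\n";` with no exit, or at least `exit(1)`. The two adjacent `#if defined(__APPLE__) || defined(__FreeBSD__)` blocks could also be merged into one. refreshconninode() starts and ends outside this hunk, so whether the maps are cleared before the refill is not visible here.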


@@ -4,21 +4,37 @@ local_addr *local_addrs = NULL;
bool bughuntmode = false; bool bughuntmode = false;
int main() { int main() {
if (!addprocinfo("testfiles/proc_net_tcp")) { if (!addprocinfo("testfiles/proc_net_tcp", conninode_tcp)) {
std::cerr << "Failed to load testfiles/proc_net_tcp" << std::endl; std::cerr << "Failed to load testfiles/proc_net_tcp" << std::endl;
return 1; return 1;
} }
if (!addprocinfo("testfiles/proc_net_tcp_big")) { if (!addprocinfo("testfiles/proc_net_tcp_big", conninode_tcp)) {
std::cerr << "Failed to load testfiles/proc_net_tcp_big" << std::endl; std::cerr << "Failed to load testfiles/proc_net_tcp_big" << std::endl;
return 2; return 2;
} }
#if !defined(__APPLE__) && !defined(__FreeBSD__) #if !defined(__APPLE__) && !defined(__FreeBSD__)
if (!addprocinfo("/proc/net/tcp")) { if (!addprocinfo("/proc/net/tcp", conninode_tcp)) {
std::cerr << "Failed to load /proc/net/tcp" << std::endl; std::cerr << "Failed to load /proc/net/tcp" << std::endl;
return 3; return 3;
} }
#endif #endif
if (!addprocinfo("testfiles/proc_net_udp", conninode_udp)) {
std::cerr << "Failed to load testfiles/proc_net_udp" << std::endl;
return 4;
}
if (!addprocinfo("testfiles/proc_net_udp_big", conninode_udp)) {
std::cerr << "Failed to load testfiles/proc_net_udp_big" << std::endl;
return 5;
}
#if !defined(__APPLE__) && !defined(__FreeBSD__)
if (!addprocinfo("/proc/net/udp", conninode_udp)) {
std::cerr << "Failed to load /proc/net/udp" << std::endl;
return 6;
}
#endif
return 0; return 0;
} }
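Review bot: The added UDP checks in main() only show that the fixture files can be opened; nothing asserts that a line was actually parsed into `conninode_udp`. A parser regression on the UDP format (extra `drops` column, state `07` rows with a zero remote address) would still pass. A minimal addition after the `testfiles/proc_net_udp` load would be `if (conninode_udp.empty()) { std::cerr << "No UDP entries parsed" << std::endl; return 7; }`. This assumes addprocinfo's return value reflects only the fopen result, which is not visible in the section. The `/proc/net/udp` read also ties the test to the host's live state.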


@@ -150,7 +150,7 @@ int process_tcp(u_char *userdata, const dp_header *header,
} else { } else {
/* else: unknown connection, create new */ /* else: unknown connection, create new */
connection = new Connection(packet); connection = new Connection(packet);
getProcess(connection, args->device); getProcess(connection, args->device, IPPROTO_TCP);
} }
delete packet; delete packet;
@@ -202,8 +202,7 @@ int process_udp(u_char *userdata, const dp_header *header,
} else { } else {
/* else: unknown connection, create new */ /* else: unknown connection, create new */
connection = new Connection(packet); connection = new Connection(packet);
unknownudp->connections = new ConnList(connection, unknownudp->connections); getProcess(connection, args->device, IPPROTO_UDP);
// getProcess(connection, args->device);
} }
delete packet; delete packet;
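Review bot: In process_udp, every previously unseen UDP flow now goes through `getProcess(connection, args->device, IPPROTO_UDP)` instead of being parked on `unknownudp`, and the lookup key is the full 4-tuple. Unconnected UDP sockets appear in /proc/net/udp with `rem_address 00000000:0000` (most of the state `07` rows in the added fixture), so datagrams to such sockets will probably never match and will take the miss path each time. Judging by the getProcess comment, that path re-reads the proc tables, which after this commit means four files per unmatched flow. Unsolicited datagrams from many source ports could therefore drive steady re-parsing; consider a fallback lookup on local address and port with a wildcard remote, and rate-limiting the refresh. The change sits inside an `else` branch whose function begins and ends outside the hunk.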


@@ -47,7 +47,8 @@ extern bool catchall;
* key contains source ip, source port, destination ip, destination * key contains source ip, source port, destination ip, destination
* port in format: '1.2.3.4:5-1.2.3.4:5' * port in format: '1.2.3.4:5-1.2.3.4:5'
*/ */
extern std::map<std::string, unsigned long> conninode; extern std::map<std::string, unsigned long> conninode_tcp;
extern std::map<std::string, unsigned long> conninode_udp;
/* this file includes: /* this file includes:
* - calls to inodeproc to get the pid that belongs to that inode * - calls to inodeproc to get the pid that belongs to that inode
@@ -306,7 +307,10 @@ Process *getProcess(unsigned long inode, const char *devicename) {
* is made. If no process can be found even then, it's added to the * is made. If no process can be found even then, it's added to the
* 'unknown' process. * 'unknown' process.
*/ */
Process *getProcess(Connection *connection, const char *devicename) { Process *getProcess(Connection *connection, const char *devicename,
short int packettype) {
std::map<std::string, unsigned long> &conninode =
(packettype == IPPROTO_TCP) ? conninode_tcp : conninode_udp;
unsigned long inode = conninode[connection->refpacket->gethashstring()]; unsigned long inode = conninode[connection->refpacket->gethashstring()];
if (inode == 0) { if (inode == 0) {
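Review bot: `conninode[connection->refpacket->gethashstring()]` in getProcess default-inserts a zero entry for every key that is not present, and with UDP now routed here the keys come from arbitrary packets on the wire. Unless the map is cleared elsewhere (not visible in this hunk), `conninode_udp` grows by one entry per unmatched flow. A read-only lookup avoids that: `auto it = conninode.find(connection->refpacket->gethashstring());` followed by `unsigned long inode = (it == conninode.end()) ? 0 : it->second;`. Separately, the ternary sends every `packettype` other than `IPPROTO_TCP` to the UDP table; an explicit check for `IPPROTO_UDP` with a fallback to the unknown process would make an unexpected value visible. The function body continues past the end of the hunk.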


@@ -134,7 +134,8 @@ private:
Process *val; Process *val;
}; };
Process *getProcess(Connection *connection, const char *devicename = NULL); Process *getProcess(Connection *connection, const char *devicename = NULL,
short int packettype = IPPROTO_TCP);
void process_init(); void process_init();
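Review bot: The default `short int packettype = IPPROTO_TCP` on the getProcess declaration lets a caller omit the protocol and silently get a TCP-table lookup, which for a UDP connection would misattribute or lose the traffic. Both call sites visible in this commit pass the protocol explicitly, so the default could be dropped to make the compiler flag any caller that was missed. The `IPPROTO_*` constants are plain `int` values, so `int packettype` would match them better than `short int`. A one-line comment on the declaration, such as `/* packettype: IPPROTO_TCP or IPPROTO_UDP, selects which inode table is searched */`, would document the new parameter.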


@@ -0,0 +1,16 @@
sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode ref pointer drops
39: 3419F40A:DB26 BDCC7D4A:01BB 01 00000000:00000000 00:00000000 00000000 1000 0 79657 2 0000000000000000 0
1955: 3419F40A:E2A2 6319D9AC:01BB 01 00000000:00000000 00:00000000 00000000 1000 0 185469 2 0000000000000000 0
4626: 00000000:ED11 00000000:0000 07 00000000:00000000 00:00000000 00000000 116 0 32328 2 0000000000000000 0
8847: 3419F40A:BD8E BDCC7D4A:01BB 01 00000000:00000000 00:00000000 00000000 1000 0 51058 2 0000000000000000 0
9526: 017AA8C0:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 35289 2 0000000000000000 0
9526: 3500007F:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000 101 0 26778 2 0000000000000000 0
9540: 00000000:0043 00000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 35286 2 0000000000000000 0
9541: 00000000:0044 00000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 35490 2 0000000000000000 0
10104: 00000000:0277 00000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 68859 2 0000000000000000 0
13615: 3419F40A:D02E 8E1FD9AC:01BB 01 00000000:00000000 00:00000000 00000000 1000 0 184575 2 0000000000000000 0
14826: FB0000E0:14E9 00000000:0000 07 00000000:00000000 00:00000000 00000000 1000 0 58803 2 0000000000000000 0
14826: 00000000:14E9 00000000:0000 07 00000000:00000000 00:00000000 00000000 116 0 32326 2 0000000000000000 0
15093: 3419F40A:95F4 AA6A7D4A:01BB 01 00000000:00000000 00:00000000 00000000 1000 0 180186 2 0000000000000000 0
15432: 3419F40A:D747 431BD9AC:01BB 01 00000000:00000000 00:00000000 00000000 1000 0 186370 2 0000000000000000 0
15816: 3419F40A:98C7 BDCC7D4A:01BB 01 00000000:00000000 00:00000000 00000000 1000 0 79872 2 0000000000000000 0

48076
src/testfiles/proc_net_udp_big Normal file

File diff suppressed because it is too large Load Diff